Stories, tips and more about IT

vSphere Network I/O Control: NIC Limit bandwidth

Today let’s talk about vSphere Network I/O Control (NIOC) version 3 (vSphere 6.0), it’s a feature in the vSphere Distributed Switch that allows you to control granularly the output/egress bandwidth from a VM network adapter level. Besides there are other useful options within NIOC capabilities, today, I will focus only in the network adapter bandwidth limit for VMs.

Prerequisites:

Enable the feature in the dvSwitch (in our case the one with Data Network):Scenario:

2 VMs within 2 Networks (Portgroups in dvSwitch)

KenshiroVM is a VM with Ubuntu that simulates traffic with iperf as a client.

Objective:

We will look in how Network I/O control (NIOC) let us limit the bandwidth granularly from a Virtual Machine (KenshiroVM), so, we will limit the bandwidth for a single NIC and see if it really works.

Testing:

Lab time! I enabled NIOC in the dvSwitch that I have created for OS traffic (Data Network), dvSwitch is called “DSwitch_DataNW”. The other dvSwitch is “DSwitchMGMT” and NIOC is not enabled (no NIOC = no restrictions).

As I said before we have 2 networks:

Data Network: 10.10.6.0/24

Management Network: 192.168.1.0/24

Main steps:

1. Verify that the client (KenshiroVM) has no restrictions within the network.

2. Then, we will limit the Data Network adapter from KenshiroVM, launch iperf to simulate traffic and review the limitation configured.

3. Finally we will test iperf again but in the Management Network and review that we have no restrictions.

1.Currently, KenshiroVM has no restrictions configured (notice that in the blue rectangle there are no options for NIOC because that portgroup (Management) it’s located in another dvSwitch where we didn’t enable NIOC):

If we launch iperf command with 200Mbps on port 9999 from KenshiroVM:

We can see the traffic on the destination (Win10Pro) on the Data Network Adapter (you can see the subnet in the screenshot):

Also, we can review it in vSphere Web Client (25 MBps = 200 Mbps):

2. Now we are going to set a limit on KenshiroVM Data Network adapter to 88 Mbits:

Now, we perform the same command with iperf on the client (KenshiroVM):

Even pushing 200 Mbits through the Data Netowork Adapter using iperf, NIOC will limit the traffic to 88 Mbits as set before. Here is the traffic seen by Win10Pro Data Network adapter:

In KenshiroVM, iperf performed the transfer in 88 Mbps approximately:

3. Now, if we do the same experiment (150 Mbps) but in the adapter where NIOC is not enabled:

KenshiroVM confirmed that it performed at 150 Mbps approximately:

Conclusion

As a result of using vSphere NIOC, we can granularly set limits in the bandwidth in a VM network adapter and it will obey the settings configured. It only works for outbound traffic, if you set a limit in a destination VM adapter, then, NIOC will not make any restrictions regarding the inbound traffic.